CVE-2005-4172

2005-12-11T21:03:00
ID CVE-2005-4172
Type cve
Reporter cve@mitre.org
Modified 2008-09-05T20:56:00

Description

eFiction 1.0, 1.1, and 2.0 allows remote attackers to obtain sensitive information via a direct request to storyblock.php without arguments, which leaks the full pathname in the resulting PHP error message.